IPv6 equivalent to DHCP Option 82 for geolocating customer MACs to certain ports of Multi-port Layer 2 demarcation devices
gert at space.net
Mon May 9 11:25:02 CEST 2011
On Mon, May 09, 2011 at 09:54:32AM +0100, Nick Hilliard wrote:
> SEND will never take off because it requires certificates. I.e. it's too
> complicated for my mother to install on her DSL link.
Not fully correct. There's two things to SeND - one is securing the
"neighbour discovery" bits by use of CGAs and pub-key crypto, and that's
mostly automatic. The other one is "secure the router advertisement",
and *that* one needs certificates.
For the rogue-RA-no-certs-wanted problem, you need L2 gear that can
filter RAs from non-router-ports.
did you enable IPv6 on something today...?
SpaceNet AG Vorstand: Sebastian v. Bomhard
Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen HRB: 136055 (AG Muenchen)
Tel: +49 (89) 32356-444 USt-IdNr.: DE813185279
More information about the ipv6-ops